Skip to main content

Sthttpd

3 CVEs product

Monthly

CVE-2021-26843 HIGH POC This Week

An issue was discovered in sthttpd through 2.27.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Sthttpd
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2017-10671 HIGH PATCH This Week

Heap-based Buffer Overflow in the de_dotdot function in libhttpd.c in sthttpd before 2.27.1 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service Sthttpd
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2013-0348 LOW PATCH Monitor

thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Sthttpd Fedora Linux Opensuse +1
NVD
CVSS 2.0
2.1
EPSS
0.0%
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in sthttpd through 2.27.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Sthttpd
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Heap-based Buffer Overflow in the de_dotdot function in libhttpd.c in sthttpd before 2.27.1 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 2.1
LOW PATCH Monitor

thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Sthttpd Fedora +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy